First published: Tue Sep 18 2012(Updated: )
SQL injection vulnerability in WebNavigator in Siemens WinCC 7.0 SP3 and earlier, as used in SIMATIC PCS7 and other products, allows remote attackers to execute arbitrary SQL commands via a crafted SOAP message.
Credit: ics-cert@hq.dhs.gov
Affected Software | Affected Version | How to fix |
---|---|---|
Siemens SIMATIC PCS7 | =8.0 | |
Siemens WinCC | <=7.0 | |
Siemens WinCC | =5.0 | |
Siemens WinCC | =5.0-sp1 | |
Siemens WinCC | =6.0 | |
Siemens WinCC | =6.0-sp2 | |
Siemens WinCC | =6.0-sp3 | |
Siemens WinCC | =6.0-sp4 | |
Siemens WinCC | =7.0 | |
Siemens WinCC | =7.0-sp1 | |
Siemens WinCC | =7.0-sp2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.